mirror of
https://github.com/servo/servo.git
synced 2025-07-10 00:43:39 +01:00
Update WebSocket blocked ports to match the Fetch spec
Adresses #9949.
This adds a function that tests whether a request should be blocked or not based on it's url's scheme and port. It also adds testing for port restriction to the `main_fetch` method. More info in eb07418c83
.
@Ms2ger In https://github.com/whatwg/html/issues/841, @annevk proposes to remove port restrictions from websockets. Should we go ahead do that, given that the spec hasn't been changed yet?
<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="35" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/10014)
<!-- Reviewable:end -->
88 lines
3 KiB
HTML
88 lines
3 KiB
HTML
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<title>W3C WebSocket API - Create Secure WebSocket - blocked port</title>
|
|
<script type="text/javascript" src="/resources/testharness.js"></script>
|
|
<script type="text/javascript" src="/resources/testharnessreport.js"></script>
|
|
<script type="text/javascript" src="websocket.sub.js"></script>
|
|
</head>
|
|
<body>
|
|
<div id="log"></div>
|
|
<script>
|
|
test(function () {
|
|
// list of bad ports according to
|
|
// https://fetch.spec.whatwg.org/#port-blocking
|
|
var BLOCKED_PORTS_LIST = [
|
|
1, // tcpmux
|
|
7, // echo
|
|
9, // discard
|
|
11, // systat
|
|
13, // daytime
|
|
15, // netstat
|
|
17, // qotd
|
|
19, // chargen
|
|
20, // ftp-data
|
|
21, // ftp
|
|
22, // ssh
|
|
23, // telnet
|
|
25, // smtp
|
|
37, // time
|
|
42, // name
|
|
43, // nicname
|
|
53, // domain
|
|
77, // priv-rjs
|
|
79, // finger
|
|
87, // ttylink
|
|
95, // supdup
|
|
101, // hostriame
|
|
102, // iso-tsap
|
|
103, // gppitnp
|
|
104, // acr-nema
|
|
109, // pop2
|
|
110, // pop3
|
|
111, // sunrpc
|
|
113, // auth
|
|
115, // sftp
|
|
117, // uucp-path
|
|
119, // nntp
|
|
123, // ntp
|
|
135, // loc-srv / epmap
|
|
139, // netbios
|
|
143, // imap2
|
|
179, // bgp
|
|
389, // ldap
|
|
465, // smtp+ssl
|
|
512, // print / exec
|
|
513, // login
|
|
514, // shell
|
|
515, // printer
|
|
526, // tempo
|
|
530, // courier
|
|
531, // chat
|
|
532, // netnews
|
|
540, // uucp
|
|
556, // remotefs
|
|
563, // nntp+ssl
|
|
587, // smtp
|
|
601, // syslog-conn
|
|
636, // ldap+ssl
|
|
993, // imap+ssl
|
|
995, // pop3+ssl
|
|
2049, // nfs
|
|
3659, // apple-sasl
|
|
4045, // lockd
|
|
6000, // x11
|
|
6665, // irc (alternate)
|
|
6666, // irc (alternate)
|
|
6667, // irc (default)
|
|
6668, // irc (alternate)
|
|
6669, // irc (alternate)
|
|
];
|
|
for (var i = 0; i < BLOCKED_PORTS_LIST.length; i++) {
|
|
var blockedPort = BLOCKED_PORTS_LIST[i];
|
|
assert_throws("SECURITY_ERR", function () { CreateWebSocketWithBlockedPort(blockedPort) });
|
|
}
|
|
}, "W3C WebSocket API - Create Secure WebSocket - Pass a URL with a blocked port - SECURITY_ERR should be thrown")
|
|
</script>
|
|
</body>
|
|
</html>
|